github.com/jpreese/tflint@v0.19.2-0.20200908152133-b01686250fb6/rules/awsrules/aws_s3_bucket_invalid_region.go

github.com/jpreese/tflint@v0.19.2-0.20200908152133-b01686250fb6/rules/awsrules/aws_s3_bucket_invalid_region.go (about)

     1  package awsrules
     2  
     3  import (
     4  	"fmt"
     5  	"log"
     6  
     7  	hcl "github.com/hashicorp/hcl/v2"
     8  	"github.com/terraform-linters/tflint/tflint"
     9  )
    10  
    11  // AwsS3BucketInvalidRegionRule checks the pattern is valid
    12  type AwsS3BucketInvalidRegionRule struct {
    13  	resourceType  string
    14  	attributeName string
    15  	enum          []string
    16  }
    17  
    18  // NewAwsS3BucketInvalidRegionRule returns new rule with default attributes
    19  func NewAwsS3BucketInvalidRegionRule() *AwsS3BucketInvalidRegionRule {
    20  	return &AwsS3BucketInvalidRegionRule{
    21  		resourceType:  "aws_s3_bucket",
    22  		attributeName: "region",
    23  		enum: []string{
    24  			"EU",
    25  			"us-east-1",
    26  			"us-east-2",
    27  			"eu-west-1",
    28  			"eu-west-2",
    29  			"eu-west-3",
    30  			"eu-north-1",
    31  			"us-west-1",
    32  			"us-west-2",
    33  			"ap-east-1",
    34  			"ap-south-1",
    35  			"ap-southeast-1",
    36  			"ap-southeast-2",
    37  			"ap-northeast-1",
    38  			"ap-northeast-2",
    39  			"ap-northeast-3",
    40  			"ca-central-1",
    41  			"sa-east-1",
    42  			"cn-north-1",
    43  			"cn-northwest-1",
    44  			"eu-central-1",
    45  			"me-south-1",
    46  		},
    47  	}
    48  }
    49  
    50  // Name returns the rule name
    51  func (r *AwsS3BucketInvalidRegionRule) Name() string {
    52  	return "aws_s3_bucket_invalid_region"
    53  }
    54  
    55  // Enabled returns whether the rule is enabled by default
    56  func (r *AwsS3BucketInvalidRegionRule) Enabled() bool {
    57  	return true
    58  }
    59  
    60  // Severity returns the rule severity
    61  func (r *AwsS3BucketInvalidRegionRule) Severity() string {
    62  	return tflint.ERROR
    63  }
    64  
    65  // Link returns the rule reference link
    66  func (r *AwsS3BucketInvalidRegionRule) Link() string {
    67  	return ""
    68  }
    69  
    70  // Check checks the pattern is valid
    71  func (r *AwsS3BucketInvalidRegionRule) Check(runner *tflint.Runner) error {
    72  	log.Printf("[TRACE] Check `%s` rule for `%s` runner", r.Name(), runner.TFConfigPath())
    73  
    74  	return runner.WalkResourceAttributes(r.resourceType, r.attributeName, func(attribute *hcl.Attribute) error {
    75  		var val string
    76  		err := runner.EvaluateExpr(attribute.Expr, &val)
    77  
    78  		return runner.EnsureNoError(err, func() error {
    79  			found := false
    80  			for _, item := range r.enum {
    81  				if item == val {
    82  					found = true
    83  				}
    84  			}
    85  			if !found {
    86  				runner.EmitIssue(
    87  					r,
    88  					fmt.Sprintf(`"%s" is an invalid value as region`, val),
    89  					attribute.Expr.Range(),
    90  				)
    91  			}
    92  			return nil
    93  		})
    94  	})
    95  }